This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rby-gGvDas1Xa9334DJTczkmtYc.roa File: rby-gGvDas1Xa9334DJTczkmtYc.roa (raw, json) Hash identifier: h/3pkwNZ0gwBP4ba5gjKhseXzTn04Qnwy4D9dTEdSQ8= Subject key identifier: AD:BC:BE:80:6B:C3:6A:CD:57:6B:DD:F7:E0:32:53:73:39:26:B5:87 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CD281E0A36D0BAC3E4CDE1EAA7186 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rby-gGvDas1Xa9334DJTczkmtYc.roa Signing time: Fri 02 Jan 2026 06:19:53 +0000 ROA not before: Fri 02 Jan 2026 06:19:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199599 IP address blocks: 212.67.16.0/24 maxlen: 24 212.67.18.0/24 maxlen: 24 212.67.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:d2:81:e0:a3:6d:0b:ac:3e:4c:de:1e:aa:71:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=adbcbe806bc36acd576bddf7e03253733926b587 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e6:e0:1f:ca:8a:3d:30:f6:b5:55:ec:0f:7c: 7a:f7:89:ed:a8:31:cd:0c:7d:93:53:f3:0c:68:4d: 43:be:db:40:7c:15:a6:a5:fd:9c:a8:59:7a:18:e5: 13:26:68:96:40:76:84:8b:66:57:d5:da:11:58:cb: 1c:ff:97:f8:33:01:07:dc:33:24:30:60:ea:0e:07: f2:94:06:a4:36:bb:72:e7:24:78:7d:d3:d1:48:b9: a1:d1:47:a3:e5:bd:17:97:f2:1d:88:8f:96:d6:9a: fd:65:9d:4b:ba:0a:3c:b2:03:3d:8a:83:d5:76:bb: 0f:31:c1:9a:96:f7:33:ff:38:65:0c:23:dd:89:dc: 51:86:08:9f:7d:3c:84:27:84:84:e8:61:5e:89:b1: 7e:0c:65:0c:f2:26:41:2b:1f:f7:12:ee:ee:f2:66: 31:78:14:15:d6:b4:bc:3f:89:05:5d:63:8f:e0:a9: 91:26:42:0d:3e:49:fe:22:0c:e4:5e:4a:32:8a:1d: 9b:9e:29:94:6f:da:68:95:37:47:7a:87:e4:6e:b4: 94:65:fb:27:f6:40:33:c7:64:51:51:73:74:1f:ec: e6:35:1f:c8:d4:75:6c:9e:88:8e:7b:d8:94:6a:e5: 3d:82:67:12:05:5f:3f:11:10:27:d2:f0:96:46:d5: d9:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:BC:BE:80:6B:C3:6A:CD:57:6B:DD:F7:E0:32:53:73:39:26:B5:87 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rby-gGvDas1Xa9334DJTczkmtYc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.67.16.0/24 212.67.18.0/23 Signature Algorithm: sha256WithRSAEncryption 91:bf:3d:6e:11:ca:38:9c:83:bf:07:28:7f:7d:b7:82:5a:06: 4b:73:43:60:8f:13:d0:78:d0:4f:ca:16:c0:8a:0b:0f:43:b5: 88:29:ff:13:11:7e:58:7d:ef:ae:ec:12:ee:1e:58:e1:7f:5c: 3a:26:8a:e8:e7:86:47:0f:78:79:ce:39:1e:63:22:bb:45:f1: 66:5b:34:2c:16:62:4b:7e:30:17:8e:1e:a1:b8:96:d3:93:8c: e9:51:bd:63:b4:a4:d8:f6:e5:69:28:9e:55:5f:a3:5c:83:8b: a7:bf:70:5b:e2:15:a0:a7:5c:44:1f:3c:1a:3a:43:de:ae:66: 66:9d:4b:f4:53:e7:03:3d:d1:60:8c:1d:bc:dd:51:0f:a2:2c: 00:4a:42:e5:1d:90:f5:86:dc:39:93:3c:bc:c1:73:d6:c0:6f: 49:e9:9a:28:a3:9b:68:d3:c1:f6:be:d7:4c:a1:fc:86:18:59: eb:cc:ce:f1:c0:3d:fc:e3:65:9b:84:f7:6f:56:f5:a2:a1:d4: d6:b7:8e:1b:c8:c0:af:8e:dd:4e:de:13:d7:9b:6f:0c:12:27: cc:36:b1:e0:62:d4:78:bd:f0:be:aa:68:7e:6f:39:a8:74:fa: 7b:46:fe:c6:f3:a7:46:ab:d2:69:2c:10:49:43:14:2e:d4:30: e2:8d:2a:9d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XNKB4KNtC6w+TN4eqnGGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZGJjYmU4MDZiYzM2YWNkNTc2YmRkZjdlMDMyNTM3MzM5MjZiNTg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwebgH8qKPTD2tVXsD3x694ntqDHN DH2TU/MMaE1DvttAfBWmpf2cqFl6GOUTJmiWQHaEi2ZX1doRWMsc/5f4MwEH3DMk MGDqDgfylAakNrty5yR4fdPRSLmh0Uej5b0Xl/IdiI+W1pr9ZZ1Lugo8sgM9ioPV drsPMcGalvcz/zhlDCPdidxRhgiffTyEJ4SE6GFeibF+DGUM8iZBKx/3Eu7u8mYx eBQV1rS8P4kFXWOP4KmRJkINPkn+IgzkXkoyih2bnimUb9polTdHeofkbrSUZfsn 9kAzx2RRUXN0H+zmNR/I1HVsnoiOe9iUauU9gmcSBV8/ERAn0vCWRtXZOwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFK28voBrw2rNV2vd9+AyU3M5JrWHMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvcmJ5LWdHdkRhczFYYTkzMzRESlRjemttdFljLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1EMQAwQB 1EMSMA0GCSqGSIb3DQEBCwUAA4IBAQCRvz1uEco4nIO/Byh/fbeCWgZLc0NgjxPQ eNBPyhbAigsPQ7WIKf8TEX5Yfe+u7BLuHljhf1w6Joro54ZHD3h5zjkeYyK7RfFm WzQsFmJLfjAXjh6huJbTk4zpUb1jtKTY9uVpKJ5VX6Ncg4unv3Bb4hWgp1xEHzwa OkPermZmnUv0U+cDPdFgjB283VEPoiwASkLlHZD1htw5kzy8wXPWwG9J6Zooo5to 08H2vtdMofyGGFnrzM7xwD3842WbhPdvVvWiodTWt44byMCvjt1O3hPXm28MEifM NrHgYtR4vfC+qmh+bzmodPp7Rv7G86dGq9JpLBBJQxQu1DDijSqd -----END CERTIFICATE-----Generated at Mon Jan 19 20:00:45 2026 by rpki-client